package com.example.demo.config;
import com.example.demo.Fileter.JwtAuthenticationTokenFilerter;
import com.example.demo.handler.AccessDenieHandlerImpl;
import com.example.demo.handler.AuthenticationEntryPointImpl;
import com.example.demo.handler.LogoutSuccessHandlerImpl;
import com.example.demo.service.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired
  private UserDetailsServiceImpl myUserDetailService;
  @Autowired
  private JwtAuthenticationTokenFilerter jwtAuthenticationTokenFilerter;
  @Autowired
  private AccessDenieHandlerImpl accessDenieHandler;
  @Autowired
  private AuthenticationEntryPointImpl authenticationEntryPoint;
@Autowired
private LogoutSuccessHandlerImpl logoutSuccessHandler;

  @Bean
  @Override
  public AuthenticationManager authenticationManager() throws Exception {
    return super.authenticationManager();
  }

  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(myUserDetailService);

  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests()
        .antMatchers("/swagger-ui.html").permitAll()
        .antMatchers("/webjars/**").permitAll()
        .antMatchers("/v2/**").permitAll()
        .antMatchers("/swagger-resources/**").permitAll();
    //关闭csrf
    http.csrf().disable();
    //禁用springsecurity的会话管理
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    //给相关请求放行
    http.authorizeRequests().antMatchers("/dl2").permitAll();
    //请求都需要认证
    http.authorizeRequests().anyRequest().authenticated();
    // 添加 Token验证的过滤器
    http.addFilterBefore(jwtAuthenticationTokenFilerter, UsernamePasswordAuthenticationFilter.class);
    //运行跨域
    http.cors();
    http.logout().logoutUrl("/o").logoutSuccessHandler(logoutSuccessHandler);


    // 设置异常处理器
    http.exceptionHandling().
        // 指定授权异常 处理器
            accessDeniedHandler(accessDenieHandler).
        // 指定授权异常 处理器
            authenticationEntryPoint(authenticationEntryPoint);
  }

  /**
   * 密码加密方式
   * @return
   */
  @Bean
  public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
  }
}
